Analysis
-
max time kernel
92s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
21-02-2024 11:42
General
-
Target
2024-02-21_00cebaf214e4c40d5ee13ba0ce2db27c_mafia.exe
-
Size
479KB
-
MD5
00cebaf214e4c40d5ee13ba0ce2db27c
-
SHA1
81c2cf5eb9e991b33ce7aebbb7ae93141d7ea76c
-
SHA256
74708fed9f68f61119d327ff208375b73588ca1318455f63436f72823f34e21b
-
SHA512
38a58de014fe8a243b7cae5c114a1b55c2545177263de20b308295881b858f0833c470032e681168c4569c7eb7144e891cfd1ba1b2d26d1e5a986f8e710b4fb4
-
SSDEEP
6144:b9EyS4oMxIkjxcWqHtg88HARRxSB3Tg4nAzqoDl2cmheGA+Q0Jzhc/gR3gT5uyy5:bO4rfItL8HAc5g4A2U0JKpTjPeGK75UO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-02-21_00cebaf214e4c40d5ee13ba0ce2db27c_mafia.exe"C:\Users\Admin\AppData\Local\Temp\2024-02-21_00cebaf214e4c40d5ee13ba0ce2db27c_mafia.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\6D31.tmp"C:\Users\Admin\AppData\Local\Temp\6D31.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-02-21_00cebaf214e4c40d5ee13ba0ce2db27c_mafia.exe 19AED4ED61F2633ECD8CC2E3912968D75306E4A0D6E075D468C7E3929E734FF261CEBD85BF8886548AACC606A01357B3B3B828E7E3211BC9A8BC6ABD93B89AA12⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD587c1ee0f2b02600c869cfb9907c2f6b4
SHA155601242be6245c20066f7dbcb003f6ffe6b1920
SHA2561dadea0b71571164fbb99e2ce85746b9e75160c1ca6d63a39781503d8883f195
SHA512d043df892bc757304065062df29fd9e6aea99ea70638c170994a1f711894c6159b110fd8b50eaa5228539bccd9c8c5cdacbc2db0a29c49f26ff7109ab9b1bef7